Reverse Engineering Stack Exchange is a question and answer site for researchers and developers who explore the principles of a system through analysis of its structure, function, and operation. It only takes a minute to sign up.

My exe sends a TCP packet and I want to see which function it uses to send the packets.
I looked on the import tab and haven't found any function that had the strings tcp or send buffer in their names or something like this.

How can I find the function responsible for sending the TCP packet and how can I can see the buffer that is being sent (right before sending)?

Look at the imports from ws2_32.dll (winsock library). send and WSASend are the common APIs for sending TCP packets. Note that some apps will import by ordinal, so you won't see the name in the import table.
– josh poleyJul 20 '18 at 15:17

Possible method: 1. Find a subroutine that has WSAStartup() function. 2. Open that subroutine in graph mode. 3. Analyse that subroutine and it's child subroutines also in graph mode.
– BiswapriyoJul 20 '18 at 16:18

Take a look on stackTrace in ida? If I running this process with ida debugger,and want to look on stackTrace I must click on suspend button, then I not see tcp tcp communication in stackTrace
– KeystoneJul 22 '18 at 7:55

There's a huge variary of windows API functions that let a program send TCP packets. Non of those (as far as I recall) contain the strings tcp or send buffer in their name.

to reverse engineer network communication, you should start by gaining some knowledge on how packets are sent my programs, what are the relevant APIs and how they're used. This will most likely begin with reading the documentation over at MSDN.